Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Apparatus and method for identity-based encryption within a conventional public-key infrastructure

a public key and identity-based encryption technology, applied in the trust model of public key infrastructure, television system, instruments, etc., can solve the problems of public keys that are far too large for people to remember, elliptic curve keys, and certificates that are much shorter than traditional ones, so as to avoid security problems

Inactive Publication Date: 2007-08-23
CA TECH INC
View PDF13 Cites 57 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0023] The invention provides for Identity-Based Encryption (IBE), while still being compatible with conventional public-key cryptosystems. As an on-line system, the invention avoids the security problems associated with other IBE systems that permit off-line key generation. Consequently, the invention has the advantages of an IBE system—that any bit string be equivalent to a public key, without the disadvantages of permitting an attacker complete knowledge of the PKG.

Problems solved by technology

Unlike telephone numbers, public keys are far too big for people to remember.
Even elliptic curve keys, which are much shorter than the traditional ones are far too large for a person to remember.
Like any data management problem, certificate management is harder than people would like.
All of the existing IBE systems have their own limitations.
While other systems have proofs of security, there is a notoriously poor relationship between proofs of security and actual system security.
Security proofs can show where a system is safe, but not protect against new assumptions that an adversary can bring to bear against the system nor against uses of a system that its creators did not think of which may be outside of the scope of the original threat model.
Still other subtle problems have shown up on other systems, such as the ability for colluding users to determine the PKG's master key.
Consequently, they are not compatible with existing systems that use RSA (the Rivest-Shamir-Adleman algorithm), Elgamal, or DSA (Digital Signature Algorithm).
This limits their practical application, since there are many existing systems built upon these cryptosystems.
Oftentimes, the strengths of a system are also its weaknesses.
An issue that PKIs must consider in their design is that of a Directory Harvest Attack, in which senders of unwanted advertisements or outright fraudulent confidence games use the directory as a way to discover information paths into the system.
Off-line generation has the disadvantage that there is complete transparency in the directory, since the directory is an algorithm.
Off-line generation has as an additional disadvantage of increased revocation problems.
No IBE system has even considered this real-world problem.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Apparatus and method for identity-based encryption within a conventional public-key infrastructure
  • Apparatus and method for identity-based encryption within a conventional public-key infrastructure
  • Apparatus and method for identity-based encryption within a conventional public-key infrastructure

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] Identity-Based Encryption (IBE) can also be thought of as an Attribute-Based Enrollment mechanism. Its goal is to reduce the overhead required to bring an entity into the system. The overhead is reduced by taking some attribute of the entity and use that attribute as a functional equivalent to a public key. An embodiment of the invention is directed toward the enrollment aspect of IBE. This enrollment mechanism results in many of the advantages associated with the invention. The invention constructs an IBE from well-known components that have easily-understood security constraints, including proofs of security. Thus, the invention provides an adaptive framework for constructing an IBE system that is not bound to a single algorithm and is functional even in the face of security advances such as new attacks on hash functions.

[0029]FIG. 1 illustrates a network 100 configured in accordance with an embodiment of the invention. The network 100 includes a client computer 102 connec...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method of generating an identity-based encryption key includes specifying a master key; receiving an identity-based string; executing a function that processes the master key and the identity-based string to produce a seed; and using the seed to produce an identity-based encryption key.

Description

CROSS REFERENCE TO RELATED APPLICATIONS [0001] This application claims the benefit of U.S. Provisional Application No. 60 / 611,586, entitled “Identity-Based Encryption with Conventional Public-Key Cryptography,” filed on Sep. 20, 2004, the disclosure of which is incorporated herein by reference in its entirety.BRIEF DESCRIPTION OF THE INVENTION [0002] This invention relates generally to digital data security. More particularly, this invention relates to identity-based encryption within a conventional public-key infrastructure. BACKGROUND OF THE INVENTION [0003] Conceptually, public keys behave a lot like telephone numbers—if I want to call you, I need your telephone number. I don't need my own number to make calls (I can use a pay phone, for example); I need a number to receive calls. In a fashion that is analogous to a telephone number, I need your public key to encrypt something so that it is secret to you. [0004] Unlike telephone numbers, public keys are far too big for people to ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): H04N7/16
CPCH04L9/006H04L9/3073
Inventor CALLAS, JONATHAN
Owner CA TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products